However, next-gen security providers including Crowd Strike, Cylance, Fire Eye, and Palo Alto Networks have only confirmed compatibility but so far haven't been willing to set the specific registry key.Next-gen providers claim they're not setting the registry key because they don't want to risk causing a BSOD in the event a customer also has other antivirus software installed.For example, say you're running Update 6 of EMS and want to apply Update 8.
As part of this week's security updates for the Meltdown and Spectre CPU attacks, Microsoft required that all third-party antivirus vendors confirm compatibility with its CPU fixes and then to set a registry key in their products to certify compatibility.
For each new build (file) you wish to update, you can navigate to the appropriate installation guide or follow the installation instructions linked next to the download. Consider the following notes depending on your implementation and licensing.
You can verify your current Patch Number by launching the EMS Desktop Client and selecting .
Download now: IT leader's guide to reducing insider security threats However, it seems conventional antivirus products meet both requirements, while next-generation security products have only confirmed compatibility.
Beaumont said Microsoft is using the new certification process to prevent antivirus vendors bypassing Microsoft's Kernel Patch Protection, which it introduced in 2007 to defend against rootkits.
Currently, the list of fully compatible antivirus currently includes Avast, AVG, Avira, Bitdefender, ESET, F-Secure, Kaspersky, Malwarebytes, Sophos, and Symantec.